Comment 2 for bug 199385

On Sat, 2008-03-08 at 02:14 +0000, Scott Kitterman wrote:
> >This could well be a regression (Why was the antivirus plugin version
> >allowed to change? isnt that against policy?), so i consider it worth
> >noting.
>
> It's because the old version of clamav that it uses had serious security issues and wasn't
> maintainable. The updated provided fixes for (IIRC) 19 CVE bugs.

fairly impressive number (i had been wondering how clamav updates would
be handled).

incase its relevent, here is the config i had to (re?) introduce to get
dans working again (which is the AV section):

# OPTION: virusscan
# If on, content will be scanned using virus engine setup in
dansguardian.conf.
# More options are available in dansguardian.conf.
virusscan = on

# OPTION: exceptionvirusextensionlist
# The following file allow you to define file extensions
# that should not be virus scanned.
exceptionvirusextensionlist =
'/etc/dansguardian/exceptionvirusextensionlist'
# OPTION: exceptionvirusmimetypelist
# The following file allow you to define mime types
# that should not be virus scanned.
exceptionvirusmimetypelist =
'/etc/dansguardian/exceptionvirusmimetypelist'

# OPTION: exceptionvirussitelist
# File location of definition of sites not be virus scanned.
exceptionvirussitelist = '/etc/dansguardian/exceptionvirussitelist'

# OPTION: exceptionvirusurllist
# File location of definition of URLs not be virus scanned.
exceptionvirusurllist = '/etc/dansguardian/exceptionvirusurllist'

# OPTION: dlmgrextensionlist
# File location of file extensions to be handled by embedded download
manager.
dlmgrextensionlist = '/etc/dansguardian/dlmgrextensionlist'

Two of these lines were already there, but i dont remember which.
kk